---
- name: Import OCP Cluster and Add Nodes
  hosts: localhost
  gather_facts: false
  vars_files:
    - ../vars/main.yml

  tasks:
    ### Step 1: Create Namespace ###
    - name: Create namespace for the imported cluster
      k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Namespace
          metadata:
            name: "{{ spoke_cluster_namespace }}"

    ### Step 2: Ensure ClusterImageSet is Present ###
    - name: Ensure a matching ClusterImageSet is present
      k8s:
        state: present
        definition:
          apiVersion: hive.openshift.io/v1
          kind: ClusterImageSet
          metadata:
            name: "{{ cluster_image_set_name }}"
          spec:
            releaseImage: "{{ release_image }}"

    ### Step 3: Setup Pull Secret ###
    - name: Set up pull secret
      k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Secret
          type: kubernetes.io/dockerconfigjson
          metadata:
            name: pull-secret
            namespace: "{{ spoke_cluster_namespace }}"
          stringData:
            .dockerconfigjson: "{{ pull_secret }}"

    ### Step 4: Copy Kubeconfig ###
    - name: Copy kubeconfig from the OCP cluster into the hub
      shell: |
        oc get secret -n openshift-kube-apiserver node-kubeconfigs -ojson \
        | jq '.data["lb-ext.kubeconfig"]' --raw-output | base64 -d > /tmp/kubeconfig.some-other-cluster
      environment:
        KUBECONFIG: "{{ kubeconfig_path }}"
      register: copy_kubeconfig
      until: copy_kubeconfig is success
      retries: 5
      delay: 30

    - name: Create kubeconfig secret in hub
      k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Secret
          metadata:
            name: some-other-cluster-admin-kubeconfig
            namespace: "{{ spoke_cluster_namespace }}"
          data:
            kubeconfig: "{{ lookup('file', kubeconfig_path) | b64encode }}"

    ### Step 5: Create AgentClusterInstall and ClusterDeployment ###
    - name: Create AgentClusterInstall resource
      k8s:
        state: present
        definition:
          apiVersion: extensions.hive.openshift.io/v1beta1
          kind: AgentClusterInstall
          metadata:
            name: some-other-cluster-install
            namespace: "{{ spoke_cluster_namespace }}"
          spec:
            networking:
              userManagedNetworking: true
            clusterDeploymentRef:
              name: some-other-cluster
            imageSetRef:
              name: "{{ cluster_image_set_name }}"
            provisionRequirements:
              controlPlaneAgents: 1
            sshPublicKey: "{{ ssh_public_key }}"

    - name: Create ClusterDeployment resource
      k8s:
        state: present
        definition:
          apiVersion: hive.openshift.io/v1
          kind: ClusterDeployment
          metadata:
            name: "{{ cluster_name }}"
            namespace: "{{ spoke_cluster_namespace }}"
          spec:
            baseDomain: "{{ base_domain }}"
            installed: true
            clusterMetadata:
              adminKubeconfigSecretRef:
                name: some-other-cluster-admin-kubeconfig
              clusterID: ""
              infraID: ""
            clusterInstallRef:
              group: extensions.hive.openshift.io
              kind: AgentClusterInstall
              name: some-other-cluster-install
              version: v1beta1
            clusterName: "{{ cluster_name }}"
            platform:
              agentBareMetal: {}
            pullSecretRef:
              name: pull-secret

    ### Step 6: Create InfraEnv ###
    - name: Create InfraEnv resource
      k8s:
        state: present
        definition:
          apiVersion: agent-install.openshift.io/v1beta1
          kind: InfraEnv
          metadata:
            name: "{{ infra_env_name }}"
            namespace: "{{ spoke_cluster_namespace }}"
          spec:
            clusterRef:
              name: "{{ cluster_name }}"
              namespace: "{{ spoke_cluster_namespace }}"
            pullSecretRef:
              name: pull-secret
            sshAuthorizedKey: "{{ ssh_public_key }}"

    ### Step 7: Download ISO ###
    - name: Get ISO download URL
      shell: |
        oc get infraenv -n {{ spoke_cluster_namespace }} {{ infra_env_name }} -ojson \
        | jq ".status.isoDownloadURL" --raw-output | xargs curl -k -o {{ iso_output_path }}
      register: download_iso
      until: download_iso is success
      retries: 5
      delay: 30

    ### Step 8: Wait for Agent Registration ###
    - name: Wait for agent registration
      shell: "oc get agent -n {{ spoke_cluster_namespace }}"
      register: agent_registration
      until: agent_registration.stdout != ""
      retries: 12
      delay: 10

    ### Step 9: Associate and Approve Agents ###
    - name: Associate unbound agents with the cluster (for late binding)
      shell: >
        oc get agent -n {{ spoke_cluster_namespace }} -ojson |
        jq -r '.items[] | select(.spec.approved==false) |select(.spec.clusterDeploymentName==null) | .metadata.name' |
        xargs oc -n {{ spoke_cluster_namespace }} patch -p '{"spec":{"clusterDeploymentName":{"name":"{{ cluster_name }}","namespace":"{{ spoke_cluster_namespace }}"}}}' --type merge agent

    - name: Approve any pending agents for installation
      shell: >
        oc get agent -n {{ spoke_cluster_namespace }} -ojson |
        jq -r '.items[] | select(.spec.approved==false) | .metadata.name' |
        xargs oc -n {{ spoke_cluster_namespace }} patch -p '{"spec":{"approved":true}}' --type merge agent

    ### Step 10: Verify Worker Node Joining ###
    - name: Verify worker node is joining
      shell: "oc get nodes -n {{ spoke_cluster_namespace }}"
      register: worker_nodes
      until: '"Ready" in worker_nodes.stdout'
      retries: 12
      delay: 10

    - name: Ensure the worker node has joined the cluster
      debug:
        msg: "Worker node has successfully joined the cluster."
      when: '"Ready" in worker_nodes.stdout'
